Vulnerabilities > Wpmet > WP Social Login AND Register Social Counter > 2.2.5

DATE	CVE	VULNERABILITY TITLE	RISK
2025-02-28	CVE-2025-1506	Cross-Site Request Forgery (CSRF) vulnerability in Wpmet WP Social Login and Register Social Counter The Wp Social Login and Register Social Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.0. network low complexity wpmet CWE-352	4.3
2024-03-13	CVE-2024-1763	Missing Authorization vulnerability in Wpmet WP Social Login and Register Social Counter The Wp Social Login and Register Social Counter plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the /wp_social/v1/ REST API endpoint in all versions up to, and including, 3.0.0. network low complexity wpmet CWE-862	5.3

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.